03-19-2015 03:05 AM - edited 03-17-2019 04:59 PM
Hi,
I've been asked to allow use of the Cisco Spark application from within our Corporate LAN, but it just doesn't seem to work at all. The marketing material suggests that this is an enterprise-grade tool but it seems to fall a long way short in it's current form.
Outbound connectivity from our LAN to the outside world is policed (and audited) and web traffic is relayed via CWS. Your KB suggests that we need to open some ports for this app to work:
tcp 443/8443 for signalling
udp 8000-8100 & 33434-34598 for media
(although in another article it says tcp/udp 33434 only). To which destination addresses are these ports required? We cannot open tcp/443 to all external destinations (and I imagine we are not alone in this).
Packet captures for the Cisco Spark app show that it happily relays traffic through the system-assigned proxy server, and it can display the contents of rooms, but it cannot interact with them at all (cannot send messages or attachments).
Can this be made to work behind a corporate firewall without opening it for web traffic to the entire world?
03-19-2015 11:18 AM
Hello Darren,
Thank you for your feedback and questions. The media port requirement was updated to a single port 33434 due to feedback and demand.
At this time Spark is not proxy aware and engineering teams are working on improving this area. Can you share what Proxy appliance or server is used?
Regards,
Jean.
09-22-2015 08:50 AM
I have the same question...is there a destination server list for Spark so customers can modify their firewall ACLs and/or bypass proxy servers based on destination address?
09-22-2015 08:31 PM
Darren, we can't provide destination services because there are many micro-services running and needed to operate.
Destination address changes as well as adding some new services can happen any time with our dev-ops deployment model either due to adding new features or platform expansion and/or redundancy. Providing you with the static IP range or domain names can become service impacting. As Jean pointed out above, we are working on the solution to support proxy configuration.
-Miro
09-23-2015 05:28 AM
Hi,
I am a develpoer on the Spark windows client, we recently added support for proxies.
In the latest update of Cisco Spark we support authenticating proxies with Basic, Digest, NTLM, and Negotiate.
Proxy Kerberos authentication is not yet supported.
The latest available update build 1.0.0.1923, proxy support is available.
Can you test with this version, if you see any issues please provide spark logs so I can investigate further.
Log is located at: C:\Users\%user%\AppData\Local\Spark\Logs
Regards,
Des
09-23-2015 09:27 AM
Thanks Des. Do you have any documentation that describes how this is configured on a technical level? Is Spark pulling credentials from the local store?
10-06-2015 04:37 AM
Hello Des,
I'm trying to install the Cisco Spark Desktop version 1.0.0.2326, but I'm getting a strange error:
I have 114 GB free disk space. I've tried to change the compatibility mode to XP, Win 7...etc, but none helped.
tried the installation on different workstations, but also got the same strange error.
============
ERROR DETAILS
============
PLATFORM VERSION INFO
Windows : 6.1.7601.65536 (Win32NT)
Common Language Runtime : 4.0.30319.34209
System.Deployment.dll : 4.0.30319.34244 built by: FX452RTMGDR
clr.dll : 4.0.30319.34209 built by: FX452RTMGDR
dfdll.dll : 4.0.30319.34244 built by: FX452RTMGDR
dfshim.dll : 4.0.41209.0 (Main.041209-0000)
SOURCES
Deployment url : https://download.ciscospark.com/windows/1/Spark.application
Server : nginx
Deployment Provider url : https://download.ciscospark.com/windows/1/Spark.application
Application url : https://f761f1fd9f656f2e2d45-83730c4e8548703e871da6c8c1f49ba7.ssl.cf2.rackcdn.com//1/Application%20Files/Spark_1_0_0_2326/Spark.exe.manifest
IDENTITIES
Deployment Identity : Spark.application, Version=1.0.0.2326, Culture=neutral, PublicKeyToken=a0d42a8553b1ae1e, processorArchitecture=x86
Application Identity : Spark.exe, Version=1.0.0.2326, Culture=neutral, PublicKeyToken=a0d42a8553b1ae1e, processorArchitecture=x86, type=win32
APPLICATION SUMMARY
* Installable application.
ERROR SUMMARY
Below is a summary of the errors, details of these errors are listed later in the log.
* Activation of https://download.ciscospark.com/windows/1/Spark.application resulted in exception. Following failure messages were detected:
+ Downloading https://f761f1fd9f656f2e2d45-83730c4e8548703e871da6c8c1f49ba7.ssl.cf2.rackcdn.com//1/Application Files/Spark_1_0_0_2326/wme4net/mediasession.dll.deploy did not succeed.
+ Received an unexpected EOF or 0 bytes from the transport stream.
COMPONENT STORE TRANSACTION FAILURE SUMMARY
No transaction error was detected.
WARNINGS
There were no warnings during this operation.
OPERATION PROGRESS STATUS
* [10/6/2015 1:15:57 PM] : Activation of https://download.ciscospark.com/windows/1/Spark.application has started.
* [10/6/2015 1:16:00 PM] : Processing of deployment manifest has successfully completed.
* [10/6/2015 1:16:00 PM] : Installation of the application has started.
* [10/6/2015 1:16:02 PM] : Processing of application manifest has successfully completed.
* [10/6/2015 1:16:02 PM] : Found compatible runtime version 2.0.50727.
* [10/6/2015 1:16:02 PM] : Detecting dependent assembly Sentinel.v3.5Client, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil using Sentinel.v3.5Client, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil.
* [10/6/2015 1:16:02 PM] : Detecting dependent assembly System.Data.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil using System.Data.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil.
* [10/6/2015 1:16:02 PM] : Detecting dependent assembly WindowsBase, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil using WindowsBase, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=msil.
* [10/6/2015 1:16:02 PM] : Detecting dependent assembly System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil using System.Core, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil.
* [10/6/2015 1:16:02 PM] : Detecting dependent assembly System.Data.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil using System.Data.Entity, Version=3.5.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil.
* [10/6/2015 1:16:02 PM] : Request of trust and detection of platform is complete.
ERROR DETAILS
Following errors were detected during this operation.
* [10/6/2015 1:19:07 PM] System.Deployment.Application.DeploymentDownloadException (Unknown subtype)
- Downloading https://f761f1fd9f656f2e2d45-83730c4e8548703e871da6c8c1f49ba7.ssl.cf2.rackcdn.com//1/Application Files/Spark_1_0_0_2326/wme4net/mediasession.dll.deploy did not succeed.
- Source: System.Deployment
- Stack trace:
at System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)
at System.Deployment.Application.SystemNetDownloader.DownloadAllFiles()
at System.Deployment.Application.FileDownloader.Download(SubscriptionState subState)
at System.Deployment.Application.DownloadManager.DownloadDependencies(SubscriptionState subState, AssemblyManifest deployManifest, AssemblyManifest appManifest, Uri sourceUriBase, String targetDirectory, String group, IDownloadNotification notification, DownloadOptions options)
at System.Deployment.Application.ApplicationActivator.DownloadApplication(SubscriptionState subState, ActivationDescription actDesc, Int64 transactionId, TempDirectory& downloadTemp)
at System.Deployment.Application.ApplicationActivator.InstallApplication(SubscriptionState& subState, ActivationDescription actDesc)
at System.Deployment.Application.ApplicationActivator.PerformDeploymentActivation(Uri activationUri, Boolean isShortcut, String textualSubId, String deploymentProviderUrlFromExtension, BrowserSettings browserSettings, String& errorPageUrl)
at System.Deployment.Application.ApplicationActivator.ActivateDeploymentWorker(Object state)
--- Inner Exception ---
System.IO.IOException
- Received an unexpected EOF or 0 bytes from the transport stream.
- Source: System
- Stack trace:
at System.Net.ConnectStream.Read(Byte[] buffer, Int32 offset, Int32 size)
at System.Deployment.Application.SystemNetDownloader.DownloadSingleFile(DownloadQueueItem next)
COMPONENT STORE TRANSACTION DETAILS
No transaction information is available.
Regards\Mohamad
10-15-2015 05:41 AM
Hi,
We have encountered a number of issues similar to this with the Microsoft component "ClickOnce"we use to deploy Spark.
We have been working to address these issues by changing our Spark deployment to an MSI installer.
We hope to roll this out to production early next week.
In the interm can you try the following.
Uninstall Cisco Spark manuall from the Control Panel.
Download/Install Spark again from ciscospark.com
Regards,
Des.
06-30-2016 08:42 PM
Hi Everyone,
I am using the Spark Windows App version 2.0. Someone mentioned in the previous comments that Windows client is now proxy aware and supports authenticating proxies with Basic, Digest, NTLM, and Negotiate. Do I have to do any special configuration for the Windows client to connect via proxy? I am just launching the app and trying to connect but its not even able to send an email to my registered account.
We use websense proxy over HTTPS in my company.
Any help is really appreciated.
Thanks
Abhi
12-15-2015 04:21 AM
Hi Spark Team,
Im deploying a few sparks mobile in my company and need to know how to deploy my mobile ipad´s trough my proxy, firewall.......
We have some issues, like:
How to enable the UDP port to especific subnet range?
I cannot just open the udp port for any ip for security reason.
You guys have a list of subnet range for use with spark?
12-15-2015 06:00 PM
We can't provide list of IP range because the services are changing/updating and your users would have poor experience, please refer to this article for which ports are required to be open for Spark to work properly:
12-16-2015 12:38 AM
So, nine months down the line from my original post and it still won't work in a typical Enterprise scenario? Outbound HTTPS to an unspecified list of sites? Good luck with that.
Does it support a proxy server at all yet? What about transparent proxying? Does it at least work using ASA CWS integration?
12-16-2015 12:42 AM
Hi Darren,
have you tried the newest versions of Spark with your proxy servers? In our environment the Spark client runs without issues behind the proxies.
Make a try with the newest client.
Sebastian
12-16-2015 12:49 AM
v1.0.0.3125 just downloaded from ciscospark.com, same problem as before. Failure message swiftly followed by a crash:
No configuration options anywhere to change the behaviour of the client.
12-16-2015 12:58 AM
Hi Darren,
it seems there is a different issue than the proxies. Without proxy support it was possible for me to start the client. Maybe you could share your log Spark log files and one of the Cisco Spark guys could check.
You can find the log files for Spark in <user directory>\AppData\Local\Spark\Logs
Sebastian
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide